Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed a NULL pointer dereference in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: rc: The bpf attach/detach operation requires write permission. source-iocs-preserved const=CAPNETADMIN...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed “ksmbd: validate command payload size”, except for the SMB2OPLOCKBREAKHE command, the request size of other commands is not checked—this is not expected. This issue was...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix for NULL pointer dereferencing After committing change 45c7e8af4a5e3f0bea4ac209 “MIPS: Remove KVMTE support”, we encountered a NULL pointer dereferencing issue when creating a KVM guest: 146.243409 Starting KVM wit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: fixed the refcount underflow in the error path. This fix addresses a refcount underflow issue reported by syzbot, which can occur when the system runs out of memory. If xpalloctxdescs fails—and it can only fail due to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fixed an out-of-bounds access in otppackedelementt The value CS35L41NUMOTPELEM is 100, but only 99 entries are defined in the array otpmap1/2CS35L41NUMOTPELEM. This will trigger UBSAN to report a out-of-bounds...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an error in ipvsappnetcleanup During the initialization of ipvsappnetinit, if the file ipvsapp fails to be created, the initialization will still succeed by default. Therefore, the ipvsapp file will not be found durin...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This issue arises due to OOB access in amdgpuvmupdaterange when offsetinbo + mapsize causes an overflow. Changes made in versions v2 and v3: - The validations were retained in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an information leak in btrfsioctllogicaltoino. Syzbot reported the following information leaks related to btrfsioctllogicaltoino: - BUG: KMSAN: A kernel-infoleak exists in instrumentcopytouser from...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal conditions of the asyncwrite flag and cause a BUGON...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013450)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013450 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2writ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001285 advisory. The vhcihcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004328 advisory. An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001292 advisory. A memory leak in the i2400moprfkillswtoggle function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: fixed a recursive semaphore deadlock in the fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on the FSIOCFIEMAP of the extent list in a specially crafted mmap file. contextswitch...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000239 advisory. An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000311 advisory. An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414423)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414423 advisory. Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux...